SoonerAl
Old Enough To Know Better
Premium,MVM
join:2002-07-23
Norman, OK
4 edits |  reply to Flaubert
Re: The most secure way to use Windows Remote Desktop
I use CopSSH as my SSH server on an XP Pro SP2 box. I like CopSSH because it is being actively maintained as new releases of OpenSSH become available.
»www.itefix.no/phpws/index.php?mo···on=22:22
I also use Tunnelier as the client. Tunnelier can be configured to automatically launch a RDP session when the SSH tunnel is established if you want.
»www.bitvise.com/tunnelier.html
In my case I also use a 2048-bit private/public RSA key pair (with strong pass phrase) for authentication versus a password (strong or otherwise) and a listening port other than the default TCP Port 22. Now to be clear the latter measure is NOT a standalone deterrent/security measure, but it does not hurt either...
»www.openbsd.org/cgi-bin/man.cgi?···ektion=1
»forums.bitvise.com/index.php?sho···0&p=1581
The screen shots illustrate how I have Tunnelier configured to access my home LAN and my two XP Pro boxes...
»theillustratednetwork.mvps.org/LAN/LAN.jpg
...via the SSH tunnel. In my case the CopSSH server runs on the PC Ashtabula. The rest of the Tunnelier configurables are the defaults.
I also created and saved two .RDP files to customize the Remote Desktop experience for each PC. When I connect with the SSH tunnel the RDP link to my main desktop, ie. Ashtabula, automatically launches. I have to click on the NormanRDP desktop icon to initiate the RDP connection to the other PC...
For SSH all you need to do is to forward TCP Port 22 through any firewall/router at your home. All other traffic goes through the tunnel. No other ports need to be opened on the firewall/router...
»theillustratednetwork.mvps.org/R···nel.html
--
"When all else fails, read the instructions..." |
